More than 1 million children in the United States were affected by identity theft last year, according to a new study highlighting what’s easily the most overlooked demographic impacted by breaches of personally identifiable information.

Advertisement

The study, released Tuesday by Javelin Strategy & Research, claims that in 2017, more than $2.6 billion in losses may be attributed to incidents of identity theft involving children. The out-of-pocket cost to families is estimated at over $540 million.

Unlike adult victims, only 7 percent of whom personally know the identity thief, some 60 percent of identity fraud victims who are children know the perpetrator, the study says. In a third of all incidents recorded by Javelin, a family friend was responsible, while 18 percent of the time the fraud was committed by the parent’s spouse or partner. Two-thirds of the victims are younger than eight years old.

The increased digitization of school and medical records follows a rising risk of data breaches impacting minors. According to the study, 11 percent of households had at least one child’s personal information become compromised in the past 12 months.

Advertisement

“Children who are unprepared to protect themselves from online risks are likely to encounter individuals who wish to target them emotionally or financially.”

The study also suggests that identities of minors are being “aggressively targeted.” Among households notified of a data breach involving a child, 39 percent fell victim to identity fraud. For comparison, only 19 percent of adults who were notified became fraud victims.

Identifying child ID fraud tends to be more difficult than fraud involving adults, specifically because the perpetrators are more likely to know the victim personally; this places them in a better position to control a victim’s accounts and intercept notifications, the study says.

Advertisement

Coupled with the fact that children and their parents are less likely to actively monitor children’s credit reports, direct access to the child creates an environment in which fraudsters can operate undetected for extended periods.

According to the Federal Trade Commission, there are several telltale signs that a child’s identity may have been stolen: (a) the child may be turned down for benefits because an account has already been opened elsewhere, (b) the IRS sends a notice claiming the child didn’t pay income taxes or that his or her Social Security number was used on another tax form, or (c) debt collectors begin calling to inquire about products and services the child has never had or used.

Javelin’s researchers also recommend checking a child’s credit and freezing it when abnormal activity is detected. (There is likely no downside to freezing a child’s credit simply as a preventative measure, as children generally do not need access to credit and young children are usually not building credit.)

The study, which was funded by theft-protection service Identity Guard, also found a “strong connection” between children who are bullied and those affected by fraud. Kids bullied online are nine times more likely to have their identities stolen, researchers found.

“In many cases, fraud and bullying are not perpetrated by the same individual but arise from the same underlying vulnerabilities,” said Javelin’s Al Pascual, senior VP of research. “Children who are unprepared to protect themselves from online risks are likely to encounter individuals who wish to target them emotionally or financially.”